From f14f0c1ddf426fc2fd05bcbe1abbb0336962c5c4 Mon Sep 17 00:00:00 2001
From: Sergey Biryukov <sergeybiryukov.ru@gmail.com>
Date: Sun, 5 Jul 2020 15:22:01 +0000
Subject: [PATCH] XML-RPC: Explicitly unset the reference to the parser
 resource after calling `xml_parser_free()` to avoid memory leaks in PHP 7.0.0
 or higher.

Props procifer, ayeshrajans.
Fixes #49700.
Built from https://develop.svn.wordpress.org/trunk@48322


git-svn-id: http://core.svn.wordpress.org/trunk@48091 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-admin/link-parse-opml.php          | 1 +
 wp-includes/IXR/class-IXR-message.php | 8 ++++++++
 wp-includes/atomlib.php               | 1 +
 wp-includes/feed.php                  | 1 +
 wp-includes/rss.php                   | 1 +
 wp-includes/version.php               | 2 +-
 6 files changed, 13 insertions(+), 1 deletion(-)

diff --git a/wp-admin/link-parse-opml.php b/wp-admin/link-parse-opml.php
index 7a2ad3a1b8..c573db6f60 100644
--- a/wp-admin/link-parse-opml.php
+++ b/wp-admin/link-parse-opml.php
@@ -94,3 +94,4 @@ if ( ! xml_parse( $xml_parser, $opml, true ) ) {
 
 // Free up memory used by the XML parser.
 xml_parser_free( $xml_parser );
+unset( $xml_parser );
diff --git a/wp-includes/IXR/class-IXR-message.php b/wp-includes/IXR/class-IXR-message.php
index 6b8cd5a0fa..6c1279e69c 100644
--- a/wp-includes/IXR/class-IXR-message.php
+++ b/wp-includes/IXR/class-IXR-message.php
@@ -110,20 +110,28 @@ class IXR_Message
         $chunk_size = apply_filters( 'xmlrpc_chunk_parsing_size', $chunk_size );
 
         $final = false;
+
         do {
             if (strlen($this->message) <= $chunk_size) {
                 $final = true;
             }
+
             $part = substr($this->message, 0, $chunk_size);
             $this->message = substr($this->message, $chunk_size);
+
             if (!xml_parse($this->_parser, $part, $final)) {
+                xml_parser_free($this->_parser);
+                unset($this->_parser);
                 return false;
             }
+
             if ($final) {
                 break;
             }
         } while (true);
+
         xml_parser_free($this->_parser);
+        unset($this->_parser);
 
         // Grab the error messages, if any
         if ($this->messageType == 'fault') {
diff --git a/wp-includes/atomlib.php b/wp-includes/atomlib.php
index 2e8709870e..ce62b13599 100644
--- a/wp-includes/atomlib.php
+++ b/wp-includes/atomlib.php
@@ -182,6 +182,7 @@ class AtomParser {
         fclose($fp);
 
         xml_parser_free($parser);
+        unset($parser);
 
         restore_error_handler();
 
diff --git a/wp-includes/feed.php b/wp-includes/feed.php
index 3e9cf29051..d2fd25ecb0 100644
--- a/wp-includes/feed.php
+++ b/wp-includes/feed.php
@@ -564,6 +564,7 @@ function prep_atom_text_construct( $data ) {
 	xml_parse( $parser, '<div>' . $data . '</div>', true );
 	$code = xml_get_error_code( $parser );
 	xml_parser_free( $parser );
+	unset( $parser );
 
 	if ( ! $code ) {
 		if ( strpos( $data, '<' ) === false ) {
diff --git a/wp-includes/rss.php b/wp-includes/rss.php
index ffc2494789..e61dac5554 100644
--- a/wp-includes/rss.php
+++ b/wp-includes/rss.php
@@ -94,6 +94,7 @@ class MagpieRSS {
 		}
 
 		xml_parser_free( $this->parser );
+		unset( $this->parser );
 
 		$this->normalize();
 	}
diff --git a/wp-includes/version.php b/wp-includes/version.php
index 4a7ad37c63..8991309dea 100644
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@@ -13,7 +13,7 @@
  *
  * @global string $wp_version
  */
-$wp_version = '5.5-alpha-48321';
+$wp_version = '5.5-alpha-48322';
 
 /**
  * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.